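<?php
    session_start();
    require_once("dbConnect.inc");
    require_once("errorhandler.php");
    set_error_handler("error_msg");

    // Login / logout controller for the form rendered further down this file.
    //   POST logout -> destroy the session and redirect to index.php
    //   POST submit -> check email + password against the users table; on a
    //                  match store the user in the session and redirect
    //   otherwise   -> fall through and render the login form
    // $hostname, $username, $password and $database are not defined here;
    // presumably they come from dbConnect.inc (confirm). Local names below
    // deliberately avoid clobbering them.

    // Pre-fill value for the email field. This is user-controlled text, so it
    // has to be HTML-escaped at the point where it is written into the page.
    $email = isset($_SESSION["email"]) ? $_SESSION["email"] : "";
    $statusmessage = "";

    // Right-hand menu (static markup, contains no user input)
    $rightMenu = '<BR><INPUT TYPE=button onClick="location.href=\'index.php\'" value=\'Home\'></BR>';

    if (isset($_POST["logout"])) {
        session_unset();
        session_destroy();
        header("Location: index.php");
        // header() does not end the request; without exit the login form
        // below would still be rendered and sent along with the redirect.
        exit();
    } else {
        if (isset($_POST["submit"])) {
            // Accept only plain string fields. A missing or array-valued field
            // (email[]=...) is treated as empty instead of raising a notice or
            // a TypeError in md5().
            $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
            $submittedPassword = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
            $_SESSION["email"] = $email;

            $databaseConnection = mysqli_connect($hostname, $username, $password, $database);

            if (mysqli_connect_errno()) {
                trigger_error("Het is niet gelukt om verbinding te maken met de database.", E_USER_ERROR);
                exit();
            }

            // NOTE(review): md5() is an unsalted, fast digest and is not suitable
            // for storing passwords. It is kept only because this query compares
            // against an MD5 value in users.wachtwoord. Migrate the column to
            // password_hash() / password_verify() together with whatever code
            // writes it (presumably the registration page - confirm).
            $passwordMd5 = md5($submittedPassword);

            // Placeholders keep the submitted email out of the SQL text, so it
            // can no longer alter the statement (SQL injection).
            $qGetUser = "select id, naam, admin from users where email = ? AND wachtwoord = ?";

            $statement = mysqli_prepare($databaseConnection, $qGetUser);
            $queryOk = false;
            if ($statement) {
                mysqli_stmt_bind_param($statement, "ss", $email, $passwordMd5);
                // store_result() buffers the rows so the row count is available.
                $queryOk = mysqli_stmt_execute($statement) && mysqli_stmt_store_result($statement);
            }

            if ($queryOk) {
                if (mysqli_stmt_num_rows($statement) == 1) {
                    mysqli_stmt_bind_result($statement, $rowId, $rowNaam, $rowAdmin);
                    mysqli_stmt_fetch($statement);
                    mysqli_stmt_close($statement);
                    mysqli_close($databaseConnection);

                    // Issue a fresh session id at the privilege change so an id
                    // that was known before login is not carried into the
                    // authenticated session (session fixation).
                    session_regenerate_id(true);

                    $_SESSION["username"] = $rowNaam;
                    $_SESSION["userid"] = $rowId;
                    $_SESSION["admin"] = $rowAdmin;
                    header("Location: index.php");
                    exit();
                } else {
                    // Same message for unknown email and wrong password, so the
                    // response does not reveal which accounts exist.
                    $statusmessage = "</BR><B>Onjuist email adres of wachtwoord.</B></BR>";
                    mysqli_stmt_close($statement);
                    mysqli_close($databaseConnection);
                }
            } else {
                if ($statement) {
                    mysqli_stmt_close($statement);
                }
                mysqli_close($databaseConnection);
                trigger_error("Het is niet gelukt om je gegevens te verifieren.</BR>Probeer het later nog eens.", E_USER_ERROR);
                exit();
            }
        }
    }
?>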

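<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/
    TR/html4/strict.dtd">
<HTML>
    <HEAD>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
		<link rel="stylesheet" href="style.css" type="text/css" media="screen" />
        <title>Inzendopdracht 051R7</title>
    </HEAD>
    <BODY>
        <?php
            // Login form template. Reads $statusmessage, $email and $rightMenu.
            // PHP_SELF reflects the request path, including any trailing path
            // info supplied by the client, so it is HTML-escaped before being
            // placed in the ACTION attribute.
        ?>
        <FORM ACTION="<?php echo htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "UTF-8"); ?>" METHOD="POST">
            <DIV id="container">
                <DIV id="header">
                    <h1>Login 051R7</h1>
                </DIV>
                <DIV id="leftBar">
                    </BR>
                </DIV>
                <DIV id="content">
                    <?php // $statusmessage is markup and is written as-is; it must never carry user input. ?>
                    <?php echo $statusmessage; ?></BR>
                    <label for='email'>Email</label></BR>
                    <?php // $email is user-controlled; ENT_QUOTES is required because the attribute is single-quoted. A non-string value is rendered as empty. ?>
                    <INPUT type='text' name='email' id='email' value='<?php echo htmlspecialchars(is_string($email) ? $email : "", ENT_QUOTES, "UTF-8"); ?>'/></BR></BR>
                    <label for='password'>Wachtwoord</label></BR>
                    <INPUT type='password' name='password' id='password'/></BR></BR>
                    <INPUT TYPE="submit" value="Aanmelden" name="submit"/>&nbsp;&nbsp;&nbsp;
                    <INPUT TYPE="button" onClick="location.href='index.php'" value="Cancel"/></BR>
                    <P>Heb je nog geen account? klik dan <a href="inschrijf.php">hier</a> om er een aan te vragen.</BR></P>
                </DIV>
                <DIV id="rightBar">
                    <?php echo $rightMenu; ?></BR>
                </DIV>
            </DIV>
        </FORM>
    </BODY>
</HTML>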